nrf_cc3xx_platform_init() API crashes on call in different OS

Agenda:
Use crypto features like AES-CBC, AES-CCM, RSA, ECC, etc. in secure environment (i.e. trustzone with SPM). Also, to use HUK, KMU for secure key generation and storage.

Working Environment:
When used nrf-connect-sdk v1.9.1 with below configurations, able to perform all the required operations.
CONFIG_NRF_SECURITY=y
CONFIG_MBEDTLS_PSA_CRYPTO_C=y
CONFIG_PSA_CRYPTO_DRIVER_CC3XX=y
CONFIG_PSA_WANT_ALG_RSA_OAEP=y
CONFIG_IS_SPM=y

Problem Environment: Want to port all working code above to a different OS.
To achieve this ported nrfx drivers as suggested in documentation in this link https://developer.nordicsemi.com/nRF_Connect_SDK/doc/latest/nrfx/index.html.
(Present in nrf-connect-sdkv1.9.1\modules\hal\nordic\nrfx)
Also, Integrated libraries:
1. nrf_cc312_platform 
2. nrf_cc312_mbedcrypto
3. mbedtls v3.1.0

ISSUE: Now, when nrf_cc3xx_platform_init() API is called from a secure function, it crashes.
As per my understanding, definition of nrf_cc3xx_platform_init() should be present in nrf_cc312_platform library and nrf_cc3xx_platform_init() function will make related driver calls to rng driver which is present in nrfx drivers already added.

Question:
Is there anything missing in this flow, that is why crash is seen? 
Is this understanding correct, that the three integrated libraries will make driver calls internally which are present in nrfx drivers? Or something more has to be integrated?
Would someone please help sharing some details or pointers?

Parents Reply
  • Hello,

    Thanks for the explanation provided.

    We got to know now, that we are able to call the nrf_cc3xx_platform_init API successfully from secure firmware. But, when called from non-secure callable function we see the crash with dump below:
    #0  0x00000452 in ?? ()
    #1  <signal handler called>
    #2  0x00000000 in ?? ()
    #3  0x00010dcc in CC_PalMutexCreate ()
    #4  0x00010bf8 in CC_PalInit ()
    #5  0x00010b4e in CC_LibInit ()
    #6  0x00010a5a in nrf_cc3xx_platform_init ()

    We see CC_PalMutexCreate symbol in nrf_cc312_platform library itself.

    Also we made sure the below peripherals are present with SPU_RAMREGION_PERM_SECATTR_Msk and locked the configurations too.
    1. KMU - peripheral_id(57)
    2. MUTEX - peripheral_id(48)
    3. CTRLAPPERI - peripheral_id(6)
    4. UARTE - peripheral_id(9)

    Would you please share some information what could be possibly missed due to which it could crash.

Children
Related